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1 . The Art Unit location of your application in the USPTO has changed. To aid in 
correlating any papers for this application, all further correspondence regarding this 
application should be directed to Art Unit 2617. 

Response to Amendment 

2. Applicant’s arguments filed on 4/25/2008 have been fully considered with regard 
to the rejection of claims under 102(b) and are persuasive. Therefore and finality of the 
rejection under 102(b) is withdrawn. 

3. Applicant argument stating that 

So in Haverinen et al., the IP address is allocated to the mobile terminal 
prior to authenticating the mobile terminal with the underlying mobile 
network. Claim 1, in contrast, recites that the IP address is sent to the 
wireless terminal after a successful authentication. Accordingly, 
independent claim 1 is distinguishable over Haverinen et al. 
is not persuasive. Haverinen does not disclose allocating IP address prior to 
authentication. In fact, it is common knowledge that authentication always takes place 
before any device is connected to a network. However, applicant is still referred to 
Svensson (US 2003/0120920) and figure 2 and section [0025] and [0026] where this 



limitation is disclosed. 
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DETAILED ACTION 
Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Claims 1-5, 7-13, 15-22, 24, and 25 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Haverinen et al. (2002/0,012,433). 



With respect to claim 1, Haverinen discloses a method in a telecommunication 
system for allowing a SIM-based authentication to users of a wireless local area 
network who are subscribers of a public land mobile network (See Haverinen’s 
abstract, see figure 7 & 8, sections [0242] - [0244], [0247], [0249] - [0251], [0255] - 
[0258]), the method comprising: 

(a) a wireless terminal accessing the wireless local area network through an 
accessible Access Point (See Haverinen’s abstract, see figure 7 & 8, sections [0242] 
- [0244], [0247], [0249] - [0251], [0255] - [0258]); 

(b) discovering an Access Controller interposed between the Access Point and the 
public land mobile network from the wireless terminal (See Haverinen’s abstract, see 
figure 7 & 8, sections [0242] - [0244], [0247], [0249] - [0251], [0255] - [0258]); 
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(c) carrying out a challenge-response authentication procedure between the wireless 
terminal and the public land mobile network through the Access Controller (See 
Haverinen’s abstract, section [0018], [0020], [0021], [0022], [0029], [0034], [0109], 
[0138], [0170], [0315], see additional information at section [0009] - [0013]), the 
wireless terminal provided with a SIM card and adapted for reading data thereof (See 
Haverinen’s abstract, see figure 7 & 8, sections [0242] - [0244], [0247], [0249] - 
[0251], [0255] - [0258]); wherein the challenge-response authentication submissions in 
step c) take place before having provided IP connectivity to the user (See Haverinen’s 
abstract, section [0014] - [0029], [0343]), and are carried: 

- on top of a Point-to-Point layer 2 protocol (PPPoE) between the wireless 
terminal and the Access Controller (See Haverinen’s [0343]); and 

- on an authentication protocol residing at an application layer between the 
public land mobile network and the Access Controller (See Haverinen’s [0003], [0263]- 
[0269]); and the method further comprising: 

(d) offering the IP connectivity to the user at the wireless terminal, by sending an 
assigned IP address and other network configuration parameters, once said user 
has been validly authenticated by the public land mobile network (See Haverinen’s 
abstract, section [0014] - [0029], [0343]). 

With respect to claim 15, Haverinen discloses an Access Controller in a 
telecommunication system that comprises a wireless local area network including at 
least one Access Point, a public land mobile network, and at least one wireless terminal 
provided with a SIM card and adapted for reading subscriber data thereof (See 
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Haverinen’s abstract, see figure 7 & 8, sections [0242] - [0244], [0247], [0249] - 
[0251], [0255] - [0258]), the Access Controller comprising: 

a Point-to-Point layer 2 protocol (PPPoE) server for communicating with the 
wireless terminal over a PPPoE protocol, the PPPoE server being arranged for 
tunneling a challenge-response authentication procedure (See Haverinen’s abstract, 
section [0343], [0018], [0020], [0021], [0022], [0029], [0034], [0109], [0138], [0170], 
[0315], see additional information at section [0009] - [0013]); and 

an authentication client for communicating with the public land mobile network, 
wherein the authentication client is configured to implement an authentication protocol 
residing at an application layer, wherein the access Controlller is configured to send an 
assigned IP address and other network configuration parameters to the wireless 
terminal to provide IP connectivity after the challenge-response authentication 
procedure is successfully carried out between the wireless terminal and the public land 
mobile network in the telecommunication system. (See Haverinen’s [0003], [0263]- 
[0269]). 

With respect to claim 25, Haverinen discloses a telecommunication system 
comprising a wireless local area network that includes at least one Access Point, a 
public land mobile network, at least one wireless terminal provided with a SIM card and 
adapted for reading subscriber data thereof, and the Access Controller in claims 15 for 
allowing SIM-based subscriber authentication to users of the wireless local area 
network who are subscribers of the public land mobile network (See Haverinen’s 
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abstract, see figure 7 & 8, sections [0242] - [0244], [0247], [0249] - [0251], [0255] - 
[0258]). 

With respect to claim 2, Haverinen discloses a method wherein the step (b) 
includes establishing a Point-to-Point Protocol session between a Point-to-Point over 
Ethernet (PPoE) Protocol client in the wireless terminal and a Point-to-Point over 
Ethernet (PPoE) Protocol server in the Access Controller (See Haverinen’s abstract, 
see figure 7 & 8, sections [0242] - [0244], [0247], [0249] - [0251], [0255] - [0258]). 

With respect to claim 3, Haverinen discloses a method wherein the step (c) (See 
Haverinen’s abstract, section [0018], [0020], [0021], [0022], [0029], [0034], [0109], 
[0138], [0170], [0315], see additional information at section [0009] - [0013]) 
includes: 

(cl) sending a user identifier from the wireless terminal to the public land mobile 
network through the Access Controller (See Haverinen’s see figure 9, section [0263]- 
[0279]); 

(c2) receiving an authentication challenge at the wireless terminal from the 
public land mobile network via the Access Controller (See Haverinen’s see figure 9, 
section [0263]-[0279]); 

(c3) deriving encryption key and authentication response at the wireless terminal 
from the received authentication challenge (See Haverinen’s see figure 9, section 
[0263]-[0279]); 

(c4) sending the authentication response from the wireless terminal to the public 
land mobile network through the Access Controller (See Haverinen’s see figure 9, 
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section [0263]-[0279]); 

(c5) receiving at the Access Controller an encryption key from the public land 
mobile network (See Haverinen’s see figure 9, section [0263]-[0279]); and 
(c6) extracting the encryption key received for further encryption of 
communication path with the wireless terminal (See Haverinen’s see figure 9, section 
[0263]-[0279]). 

With respect to claim 4, Haverinen discloses a method further comprising shifting 
authentication information received on top of the Point-to-Point layer 2 protocol upwards 
to the authentication protocol residing at the application layer for submissions toward 
the public land mobile network (See Haverinen’s see figure 9, section [0285]-[0305]). 

With respect to claim 5, Haverinen discloses a method further comprising the 
step of shifting authentication information received on the authentication protocol 
residing at application layer downwards on top of the Point-to-Point layer 2 protocol for 
submissions toward the wireless terminal (See Haverinen’s see figure 9, section 
[0285]-[0305]). 

With respect to claim 7, Haverinen discloses a method wherein the step (d) 
includes a previous step of requesting the assigned IP address from a Dynamic Host 
Configuration Protocol server (See Haverinen’s see figure 9, section [0263]-[0279]). 

With respect to claim 8, Haverinen discloses a method wherein the 
communication between the Access Controller and the public land mobile network goes 
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through an Authentication Gateway of said public land mobile network (See 
Haverinen’s see figure 9, section [0263]-[0279]). 

With respect to claim 9, Haverinen discloses a method wherein the 
communication between the Access Controller and an Authentication Gateway of the 
public land mobile network goes through an Authentication Server of the wireless local 
area network in charge of authenticating local users of said wireless local area network 
who are not mobile subscribers (See Haverinen’s see figure 9, section [0263]- 
[0279]). 

With respect to claim 10, Haverinen discloses a method wherein the user 
identifier in step (c) comprises a Network Access Identifier (See Haverinen’s see 
figure 16, section [0346], [0371]). 

With respect to claim 1 1 , Haverinen discloses a method wherein the user 
identifier in step c) comprises an International Mobile Subscriber Identity (See 
Haverinen’s see figure 9, section [0263]-[0279], see additional information at 
section [0242], [0244], [0247], [0250], [0255], [0258]). 

With respect to claim 12, Haverinen discloses a method wherein the 
authentication protocol residing at the application layer in step (c) is an Extensible 
Authentication Protocol (See Haverinen’s see figure 16, section [0342] -[0347], 
[0348]-[0350]). 

With respect to claim 13, Haverinen discloses a method wherein this Extensible 
Authentication Protocol is transported over a RADIUS protocol (See Haverinen’s see 
figure 16, section [0342]-[0347], [0348]-[0350] and [0323]). 
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With respect to claim 16, Haverinen discloses an Access Controller wherein 

the authentication dine is configured to shift information received on top of the 
Point-to-Point layer 2 protocol upwards to the authentication protocol residing at the 
application layer (See Haverinen’s see figure 9, section [0285]-[0305]); and 
wherein the PPPoE server is configured to shift information received on the 
authentication protocol residing at the application layer downwards on top of the Point- 
to-Point layer 2 protocol (PPPoE) (See Haverinen’s see figure 9, section [0285]- 
[0305]). 

With respect to claim 17, Haverinen discloses an Access Controller wherein the 
Access Controller is adapted for requesting an IP address from a Dynamic Host 
Configuration Protocol server, after a user has been successfully authenticated by his 
public land mobile network (See Haverinen’s see figure 9, section [0263]-[0279]). 

With respect to claim 18, Haverinen discloses an Access Controller wherein the 
Access Controller is adapted for communicating with a wireless terminal via an Access 
Point (See Haverinen’s abstract, see figure 7 & 8, sections [0242] - [0244], [0247], 
[0249] - [0251], [0255] - [0258]). 

With respect to claim 19, Haverinen discloses an Access Controller wherein the 
Access Controller is adapted for communicating with the public land mobile network via 
an Authentication Gateway (See Haverinen’s see figure 9, section [0263]-[0279]). 

With respect to claim 20, Haverinen discloses an Access Controller wherein the 
Access Controller is adapted for communicating with an Authentication Gateway via an 
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Authentication Server responsible for authenticating local users of the wireless local 
area network (See Haverinen’s see figure 9, section [0263]-[0279]). 

With respect to claim 21, Haverinen discloses an Access Controller wherein the 
authentication protocol residing at the application layer is an Extensible Authentication 
Protocol (See Haverinen’s see figure 16, section [0342] -[0347], [0348]-[0350]). 

With respect to claim 22, Haverinen discloses an Access Controller wherein the 
Extensible Authentication Protocol is transported over a RADIUS protocol (See 
Haverinen’s see figure 16, section [0342]-[0347], [0348]-[0350] and [0323]). 

With respect to claim 24, Haverinen discloses a wireless terminal capable of 
carrying out a challenge-response authentication procedure, the wireless terminal 
comprising a client configured to act as a Point- to-Point layer 2 protocol (PPPoE) 
client, wherein an Extensible Authentication Protocol is carried on top of a Point-to-Point 
layer 2 protocol (See Haverinen’s see figure 9, section [0285]-[0305]). 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Haverinen et al. (2002/0,01 2,433) in view of Fink et al. (US 7,043,633). 
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With respect to claim 6, Haverinen discloses a method of establishing at the 
wireless terminal an encryption path by using the previously derived encryption keys at 
the Access Controller and wireless terminal. Haverinen does not disclose a symmetric 
encryption. But Fink et al. discloses this limitation (See Fink et al. figure 4, col.8 lines 
3-20). Therefore, it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to modify the invention of Haverinen and combine it with Fink, 
thereby providing a system that uses symmetric encryption as disclosed by Fink et al. 
(See Fink et al. figure 4, col.8 lines 3-20). 

8. Claims 14, and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Haverinen et al. (2002/0,012,433) in view of Amin et al. (US 6,854,014). 

With respect to claim 14 and 23, Haverinen discloses a method wherein the 
Extensible Authentication Protocol is used. Haverinen does not disclose the EAP is 
transported over a Diameter protocol. But Amin et al. discloses this limitation (See 
Amin's col.2 lines 3, lines 9-10, lines 66-67, col.3 line 1). Therefore, it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to 
modify the invention of Haverinen and combine it with Amin, thereby providing a system 
that uses Diameter protocol, as disclosed by Amin et al. (See Amin's col.2 lines 3, 
lines 9-10, lines 66-67, col.3 line 1). 
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Conclusion 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to SAYED T. ZEWARI whose telephone number is 
(571 )272-6851 . The examiner can normally be reached on 8:30-4:30. 

1 0. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s 
supervisor, Lester G. Kincaid can be reached on 571-272-7922. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

1 1 . Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 

Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Sayed T Zewari/ 
Examiner, Art Unit 2617 

June 20, 2008 



/Nick Corsaro/ 
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